From: Wouter Wijngaards Date: Mon, 4 Jul 2016 15:00:30 +0000 (+0000) Subject: More docs for enabling the netblock option. X-Git-Tag: release-1.5.10~60 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=fe806696395db6d28f630536d48337bcf9c49bcb;p=thirdparty%2Funbound.git More docs for enabling the netblock option. git-svn-id: file:///svn/unbound/trunk@3805 be551aaa-1e26-0410-a405-d3ace91eadb9 --- diff --git a/doc/example.conf.in b/doc/example.conf.in index 768ee9deb..d7caf3827 100644 --- a/doc/example.conf.in +++ b/doc/example.conf.in @@ -52,6 +52,15 @@ server: # outgoing-interface: 192.0.2.153 # outgoing-interface: 2001:DB8::5 # outgoing-interface: 2001:DB8::6 + + # Specify a netblock to use remainder 64 bits as random bits for + # upstream queries. Uses freebind option (Linux). + # outgoing-interface: 2001:DB8::/64 + # Also (Linux:) ip -6 addr add 2001:db8::/64 dev lo + # And: ip -6 route add local 2001:db8::/64 dev lo + # And set prefer-ip6: yes to use the ip6 randomness from a netblock. + # Set this to yes to prefer ipv6 upstream servers over ipv4. + # prefer-ip6: no # number of ports to allocate per thread, determines the size of the # port range that can be open simultaneously. About double the diff --git a/doc/unbound.conf.5.in b/doc/unbound.conf.5.in index 339380625..cbc421ab2 100644 --- a/doc/unbound.conf.5.in +++ b/doc/unbound.conf.5.in @@ -149,6 +149,10 @@ options, but do not specify both an individual IPv6 address and an IPv6 netblock, or the randomisation will be compromised. Consider combining with .B prefer\-ip6: yes to increase the likelihood of IPv6 nameservers being selected for queries. +On Linux you need these two commands to be able to use the freebind socket +option to receive traffic for the ip6 netblock: +ip -6 addr add mynetblock/64 dev lo && +ip -6 route add local mynetblock/64 dev lo .TP .B outgoing\-range: \fI Number of ports to open. This number of file descriptors can be opened per